[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fXJENmGBK0HSABqE19R8f-PvkHwG_9wSIlCmSxp2kZ8E":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":9,"research_verified":22,"research_rounds_completed":23,"research_plan":9,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":9,"research_started_at":9,"research_completed_at":9,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":22,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":22,"source_links":24},"WF-c59cddfb-c434-4a69-9c1c-7d58f022c1aa-download-manager","download-manager-privilege-escalation","Download Manager \u003C= 2.8.7 - Privilege Escalation","The Download Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 2.8.7. This is due to unchecked use of the extract() function which makes it possible for authenticated attackers, with subscriber-level permissions and above, to edit user metadata, including their role.","download-manager",null,"\u003C2.8.8","2.8.8","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Improper Privilege Management","2016-01-19 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc59cddfb-c434-4a69-9c1c-7d58f022c1aa?source=api-prod",2926,[],false,0,{"type":25,"vulnerable_version":9,"fixed_version":9,"vulnerable_browse":9,"vulnerable_zip":9,"fixed_browse":9,"fixed_zip":9,"all_tags":26},"plugin","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fdownload-manager\u002Ftags"]